Alireza Gharib Blog Security, Linux, and DevOps

January 2, 2025

CVE-2024-3177

Bypassing mountable secrets policy imposed by the ServiceAccount admission plugin Go to Source

General
January 2, 2025

CVE-2023-5528

Insufficient input sanitization in in-tree storage plugin leads to privilege escalation on Windows nodes Go to Source

General
January 2, 2025

CVE-2023-5044

Code injection via nginx.ingress.kubernetes.io/permanent-redirect annotation Go to Source

General
January 2, 2025

CVE-2023-5043

Ingress nginx annotation injection causes arbitrary command execution Go to Source

General
January 2, 2025

CVE-2022-4886

ingress-nginx path sanitization can be bypassed Go to Source

General
January 2, 2025

CVE-2023-3955

Insufficient input sanitization on Windows nodes leads to privilege escalation Go to Source

General
January 2, 2025

CVE-2023-3893

Insufficient input sanitization on kubernetes-csi-proxy leads to privilege escalation Go to Source

General
January 2, 2025

CVE-2023-3676

Insufficient input sanitization on Windows nodes leads to privilege escalation Go to Source

General
January 2, 2025

CVE-2023-2431

Bypass of seccomp profile enforcement Go to Source

General
January 2, 2025

CVE-2023-2728

Bypassing policies imposed by the ImagePolicyWebhook and bypassing mountable secrets policy imposed by the ServiceAccount admission plugin Go to Source

General